Neil MacDonald

A member of the Gartner Blog Network

Archives for November, 2010

Rental Cars and Infrastructure Security

by Neil MacDonald  |  November 29, 2010  |  5 Comments

I was out last week on holiday to visit my family for the US Thanksgiving holiday. We flew into the regional airport and rented a car. As we were driving to my parent’s house, I started thinking about the protection capabilities built into the rental car: front and side air bags; automatic seat belts; antilock […]


Category: Information Security Virtualization Security     Tags: , , , ,

You Don’t Have to Own Identity in Order to Consume Identity

by Neil MacDonald  |  November 15, 2010  |  Comments Off

I’m here this week in San Diego at Gartner’s Identity and Access Management Summit. I’ve been associated with Gartner’s identity-related research from 1995 when I joined Gartner to cover Novell and directory services. I’ve atached identity change over the past 15 years. Directory services evolved into metadirectories which evolved into user provisioning which has evolved […]

Comments Off

Category: Cloud Security Information Security Microsoft Security Virtualization Security     Tags: , , , , ,

Why Does Identifying Data Owners Have to be so Hard?

by Neil MacDonald  |  November 10, 2010  |  Comments Off

One of my readers sent in this picture from one of their offices. They are moving locations, so all of the file cabinets need to be indentified with clear owners. Take a look: The pink labels (on every file cabinet) say “unidentified cabinet” – meaning the cabinet has no clear owner and the contents are […]

Comments Off

Category: Information Security Next-generation Security Infrastructure     Tags: , ,

Cloud Computing Will be More Secure

by Neil MacDonald  |  November 9, 2010  |  5 Comments

I presented a session exploring this provocative point of view at Gartner’s US Fall Symposium titled “Why Cloud Computing Will be More Secure Than What You Have Today”. This Wednesday afternoon presentation was a part of Gartner’s “Maverick Track” where presentations that challenge conventional wisdom are provided for clients. If you attended Symposium and weren’t […]


Category: Cloud Cloud Security Virtualization Security     Tags: , , , , , ,

Lessons from the Windows Firewall on the Evolution of Virtualization Security

by Neil MacDonald  |  November 8, 2010  |  2 Comments

In this research note on deploying Windows 7 security features for clients, I explore in detail the security capabilities baked into Windows 7 – AppLocker, BitLocker, BitLocker To Go, the Windows Firewall, USB Port Control and so on. One question I get from clients is whether or not to use the built-in capabilities of Windows […]


Category: Endpoint Protection Platform Virtualization Virtualization Security Windows 7     Tags: , , , , ,

A Good IPS Isn’t Necessarily a Good IDS

by Neil MacDonald  |  November 5, 2010  |  Comments Off

Is IDS dead? Not at all. I previously blogged that complete protection will require a combination of prevention and detection. Protection = Prevention + Detection We cannot and will not be 100% successful in preventing all attacks. Many organizations continue to spend an ever-increasing amount of the IT budget in a futile attempt to prevent […]

Comments Off

Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure     Tags: , , , , ,

Redefining Information Security

by Neil MacDonald  |  November 1, 2010  |  6 Comments

The traditional definition of information security has been something like the protection of the confidentiality, integrity, availability, authenticity, possession, utility and no-repudiation of our information assets. How about a new way of thinking about information security: Getting the right information to the right entity at the right time in the right context to take the […]


Category: Information Security Next-generation Security Infrastructure     Tags: ,